Wireless MAC Address Patterns - networking

I am creating an application which uses semi-random numbers to roll on a table. The random numbers are generated from wireless network MAC addresses, so they should be consistent across multiple devices (i.e. if I go to a wireless network with 2 different devices, I should generate the same random number).
My question is if there are any patterns that wireless network MACs are predisposed towards, that will affect my number generation, or if they are entirely random. It's important because it will affect the probabilities I assign to table values.
This is the image I pulled from Wikipedia that I am having some trouble understanding.
So based on this diagram, does this mean that the first 3 bytes of a MAC Address will be unique across router brands? If I run into two D-Link routers will that be the same? Or if it's two D-Link routers of the same model will it be the same?
And then are the last 3 bytes just randomly generated numbers? Thanks to anyone who takes the time to help me figure this out.

An OUI part with the 0x020000 bit cleared ("globally unique") is an assigned number from a registry. Every manufacturer of a wireless device applies for at least one of them, and uses it in the products they build. There is no requirement that a manufacturer have only one, or that they use different ones depending on who the end-producer of the equipment is. Thus, for example, many Dell laptops have MAC addresses that begin with Intel OUIs, because the laptops are built with Intel wireless chips.
For these MAC addresses, the NIC part has no specified value, but is usually assigned in monotonically-increasing values from pre-divided blocks during manufacture. Thus two Intel wireless chips rolling off the same assembly line will likely have numbers separated by 1.
An OUI part with the 0x020000 bit set ("locally administered") can have any other bits set, depending entirely on what the system it is attached to sets the address to.

Yes, the first 3 bytes of MAC addresses are usually not random at all, they are assigned to a particular corporation. (Some companies have more than 1 assignment). The last 3 bytes are also not "random" because sometimes they are assigned sequentially. Unless it was a really popular router, the high bits could be constant.
Also, a MAC address can be changed on most cards. And there are different types of MAC addresses, such as "link local" and "multicast".
If you want randomness, use /dev/random or whatever your OS supplies.

Related

is there any efficient solution for this?

A company named RT&T has a network of n switching stations connected by m high-speed communication links. Each customer’s phone is directly connected to one station in his or her area. The engineers of RT&T have developed a prototype video-phone system that allows two customers to see each other during a phone call. In order to have acceptable image quality, however, the number of links used to transmit video signals between the two parties cannot exceed 4. Suppose that RT&T’s network is represented by a graph. Design an efficient algorithm that computes, for each station, the set of stations it can reach using no more than 4 links.

Instead of Carrier Aggregation, why don't carriers use the new frequency bandwidth as separate channel to connect users directly?

Carrier aggregation combines the existing spectrum, say if the carrier had previously 20MHz in the area, with the newly acquired spectrum of 20MHz, to give a wider pipe or bandwidth for data flow between the mobile device & the base station tower.
My question is, why don't they just operate the new bandwidth as a separate pipe? So that there would be two pipes of 20MHz each, instead of one aggregated pipe of 40MHz?
Benefits:
Carriers won't have to deal with the complexity of Carrier Aggregation technology, as the two bands are totally separate (2300MHz & 1800MHz). End-users can be divided over the two frequencies. Theoretically this should halve the load on one channel, providing double the speeds to connected users.
Many existing 4G devices use single antenna for 4G operation. The LTE-A tech needs MIMO support on both mobile & tower to work. Essentially it needs 2 antennas on both mobile & tower for operating 2 different frequencies, which only stresses the mobile device. Existing hardware cannot benefit from LTE-A, where speeds will continue to remain the same post upgradation. In fact, it may slightly decrease post LTE-A implementation, since newer LTE-A devices will share load on both the frequencies, but existing LTE users can only use one.
For those new, this simple image explains how Carrier Aggregation works. https://www.techtalkthai.com/wp-content/uploads/2014/12/qualcomm_carrier_aggregation.jpg
1) Assuming that the operator already has 2 bands, it is really not complex to enable and configure carrier aggregation. It is likely that they already have the ability as part of the latest LTE software upgrades and it is just a matter of configuring it and possibly paying for a license to use it.
The scenario you describe of using two separate pipes instead of a single CA pipe is not feasible (or may not be possible?). When a device establishes a connection in an LTE network, a default bearer is configured which would not be able to simultaneously use two radio connections without CA or other similar features. Multiple bearers can certainly be established simultaneously, however they serve different purposes (e.g. voice vs data). That said, really CA is using two different pipes, but they act as a single (logical) bearer. Another advantage of CA is that the control plane signaling takes place on only one of the component carriers and therefore the other component carriers can be fully dedicated to user plane traffic.
2) I'll clear a few things up:
MIMO has nothing to do with Carrier Aggregation.
Most 4G devices today transmit on a single antenna and receive on two antennas. (Although they most likely have at least 2 tx and 2 rx antennas, and many have 4 tx and 4 rx antennas, although 4x4 MIMO has not been implemented by most operators.)
Existing devices are already taking advantage of LTE-A features and some operators are currently rolling out 3-carrier CA, 4x4 MIMO as well as 256QAM.
Here is a recent news article which discusses LTE-A features which have already been implemented: https://newsroom.t-mobile.com/news-and-blogs/lte-advanced.htm

How to auto-select the APN depending on SIM card?

I have this GSM embedded device under Linux, where depending on external factors I might choose to put a different SIM card into. But in the configuration for the PPP, I have to give an APN, which changes depending on the network du jour. How can I automatize that?
It just dawned on me that smartphones don't need explicit APN entry to work when changing the SIM card (also, the APN is sometimes different in M2M and actual cell phone, not sure I can use the same trick).
(I know you are curious: it's deployed in the middle of nowhere, and we chose the least worst network at the last minute on the installation site)
You can detect the network operator from the IMSI of the SIM, and have in your device a table mapping operators to APNs.
There are several sites that will provide you an IMSI to operator listing or MCC and MNC to operator listing. The MCC (Mobile Country Code) is the first three digits of the IMSI and the MNC (Mobile Network Code) the next 2 or 3 digits. Some example links:
https://www.imei.info/carriers/
https://www.mcc-mnc.com
As an aside, if you want to be able to change to adapt to the best available network coverage over time, the way many M2M applications achieve this is to use a 'foreign' SIM which can then roam to the best available signal at a given time. If your data usage requirements are low this can be a good way to avoid being dependent on one operator in an area with poor coverage. There are quite a few companies who specialise in this type of M2M SIM, depending on your target location.
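The IMSI-to-APN lookup described in this answer, as an added example that is not code from the poster. It assumes the modem answers the standard `AT+CIMI` command with the IMSI on its own line; the table entries (test PLMN 001/01, private-use MCC 999) and every APN string are constructed placeholders, and the function names are hypothetical.

```python
import re

# Constructed table: (MCC, MNC) -> APN. All APN strings are placeholders,
# not real operator settings; fill in the operators you expect on site.
APN_TABLE = {
    ("001", "01"): "test.apn.example",
    ("999", "990"): "m2m.operator-a.example",
    ("999", "98"): "iot.operator-b.example",
}

# Constructed sample of what a modem returns for AT+CIMI.
SAMPLE_CIMI_REPLY = "AT+CIMI\r\n001010123456789\r\n\r\nOK\r\n"

def imsi_from_cimi(response):
    """Pull the IMSI (a run of up to 15 digits on its own line) out of the reply."""
    for line in response.splitlines():
        line = line.strip()
        if re.fullmatch(r"\d{6,15}", line):
            return line
    raise ValueError("no IMSI found in modem response")

def split_imsi(imsi, table=APN_TABLE):
    """Return (mcc, mnc) for a known operator.

    The MNC is 2 or 3 digits and the IMSI itself does not say which, so the
    3-digit reading is tried first, then the 2-digit one.
    """
    mcc = imsi[:3]
    for mnc_len in (3, 2):
        mnc = imsi[3:3 + mnc_len]
        if (mcc, mnc) in table:
            return mcc, mnc
    # Report only the prefix: the full IMSI identifies the subscriber.
    raise LookupError(f"no APN known for IMSI prefix {imsi[:6]}")

def cgdcont_for(response, table=APN_TABLE):
    """Build the PDP-context command to write into the PPP chat script."""
    imsi = imsi_from_cimi(response)
    apn = table[split_imsi(imsi, table)]
    return f'AT+CGDCONT=1,"IP","{apn}"'

if __name__ == "__main__":
    print(cgdcont_for(SAMPLE_CIMI_REPLY))
```

An unknown operator raises `LookupError` rather than falling back to a default, so the device does not dial with an APN that belongs to a different network.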

Reserved MAC-addresses (some are assigned anyway?)

I'm trying to make a list of all MAC addresses that are reserved, do not exist, should not be used, should only be used locally etc. (Just like the list of reserved IP-addresses on Wikipedia, but for MAC.) Basically I want to loop over all MAC-addresses from a switch and filter out the "real" ones.
This page suggests all addresses starting with 00-00-5E or 01-00-5E are reserved, but when I look them up it seems like 00-00-5E is also assigned to the Information Sciences Institute (part of a university in California).
So 2 questions:
1) Is there any place I can find a list of reserved MAC-addresses?
2) What's up with 00-00-5E? Is only part of that range reserved, or is there some reason they assigned it to ISI?
I was just looking into this myself recently. I believe that the IANA (which you refer to in one of your links) will give the most authoritative answer: IANA Ethernet Number Assignments
I don't think that this means that these addresses can never be used though. According to RFC5342, Section 2.1
"The 2**8 unicast identifiers from 00-00-5E-00-00-00 through 00-00-5E-00-00-FF are reserved and require IESG Ratification for allocation (see Section 5.1)."
So basically, it appears you need special permission from IESG (Internet Engineering Steering Group) to get an address in that range, which I suppose the ISI has obtained somehow.
Section 2.1 of RFC5342 deals with 48-Bit MAC Identifiers and OUIs, and it doesn't make any mention of any address ranges that are strictly forbidden or permanently reserved from what I've understood.
The following OUI are reserved as per RFC 5342:
OUI 01:00:5E:(00:00:00-7f:ff:ff) - Used for IPv4 Multicast and MPLS Multicast.
OUI 00:00:5E:(00:01:00 – 00:01:FF) - Used for Virtual Router Redundancy Protocol (VRRP) IPv4
OUI 00:00:5E:(00:02:00 – 00:02:FF) - Used for Virtual Router Redundancy Protocol (VRRP) IPv6
OUI 33:33:00 – 33:33:FF - Reserved for IPv6 Multicast
OUI CF:00:00 – CF:FF:FF - Reserved by IANA for PPP (Point to Point Protocol)
OUI 00:00:5E (00:00:00 - 00:00:FF) - Requires IESG Ratification for allocation.
Was looking into this myself.. I know it's been a while since the post was active.. but I found these to be ok to use locally:
x2-xx-xx-xx-xx-xx
x6-xx-xx-xx-xx-xx
xA-xx-xx-xx-xx-xx
xE-xx-xx-xx-xx-xx
Source: https://honeywellaidc.force.com/supportppr/s/article/Locally-Administered-MAC-addresses
The registration authority for MAC addresses is the IEEE. It hands out OUIs (Organizationally Unique Identifiers), which give you a three byte prefix, and 2^24 addresses within it, for a fee (currently 2 995USD). You also get the rights to the corresponding multicasts, which have the prefix with the lowest bit of the first byte set. For instance, 00:80:C2 is allocated to the IEEE 802.1 committee, which uses 01:08:C2:00:00:00 for Spanning tree.
So, there isn't really a list of reserved addresses. There is a list of OUIs that have been allocated, unless the buyer has paid (a lot) extra for privacy. You can use any address that has the local bit set freely. A tiny fraction of multicast addresses have a significant meaning because heavyweights like IEEE, Cisco, IANA assign meanings to them. From the IEEE registration point of view, there is no particular significance to these blocks (except possibly to those it has allocated to itself).
Now, how did the 01-00-5E range end up allocated to the Information Sciences Institute? The simple answer is that they paid for it. So, really the question should be 'how did the Internet get to use part of the range allocated to ISI?'. The answer is that the IANA used to be run from an office in ISI: specifically IANA was the legendary Jon Postel.
Bottom line: you are on a bit of a fool's errand. You can distinguish local addresses and multicast addresses, and make some attempt to tie up allocated unicast addresses to vendor blocks. And you can probably do a bit more with well-known multicast addresses but only by tracking down individual vendors' documentation (IANA is obviously an important one but only definitive for 1 of the 2^22 available blocks). One of the best places to start is probably the Wireshark codebase.
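A sketch of the filtering this thread describes, which also covers the OUI/NIC split and the 0x020000 "locally administered" bit from the first question on this page. It is an added example, not code from any of the posters; the range table is copied from the RFC 5342 list quoted above, and the sample switch table and function names are constructed for illustration.

```python
import re

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5}$")

# (first, last, label): the ranges quoted in this thread's RFC 5342 list.
RANGES = [
    (0x01005E000000, 0x01005E7FFFFF, "IPv4/MPLS multicast"),
    (0x00005E000000, 0x00005E0000FF, "IESG ratification required"),
    (0x00005E000100, 0x00005E0001FF, "VRRP IPv4"),
    (0x00005E000200, 0x00005E0002FF, "VRRP IPv6"),
    (0x333300000000, 0x3333FFFFFFFF, "IPv6 multicast"),
    (0xCF0000000000, 0xCFFFFFFFFFFF, "PPP (IANA)"),
]

def parse_mac(text):
    """Return the address as a 48-bit integer; ':' and '-' separators accepted."""
    if not MAC_RE.match(text):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return int(re.sub(r"[:-]", "", text), 16)

def classify(text):
    mac = parse_mac(text)
    first_octet = mac >> 40
    return {
        "multicast": bool(first_octet & 0x01),  # lowest bit of the first byte
        "local": bool(first_octet & 0x02),      # the 0x020000 bit of the OUI part
        "oui": f"{mac >> 24:06X}",              # first 3 bytes
        "nic": f"{mac & 0xFFFFFF:06X}",         # last 3 bytes
        "range": next((lbl for lo, hi, lbl in RANGES if lo <= mac <= hi), None),
    }

def vendor_assigned(text):
    """True for globally unique unicast addresses outside the listed ranges."""
    c = classify(text)
    return not c["multicast"] and not c["local"] and c["range"] is None

def filter_vendor_assigned(macs):
    return [m for m in macs if vendor_assigned(m)]

# Constructed sample of addresses as they might appear in a switch's table.
SWITCH_TABLE = [
    "00:11:22:33:44:55",  # global unicast
    "00-11-22-33-44-56",  # same OUI, NIC part one higher
    "02:42:AC:11:00:02",  # local bit set
    "01:00:5E:00:00:FB",  # IPv4 multicast range
    "33:33:00:00:00:01",  # IPv6 multicast range
    "00:00:5E:00:01:0A",  # VRRP IPv4 range
]

if __name__ == "__main__":
    for m in SWITCH_TABLE:
        print(m, classify(m))
    print("vendor-assigned:", filter_vendor_assigned(SWITCH_TABLE))
```

The two addresses that survive the filter share an OUI and differ by 1 in the NIC part, which is the sequential-assignment pattern the first thread warns about when using MAC addresses as a source of numbers.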

Cell (cell-id), BTS and BSS in GSM network

What is the relation between BTS and cell? I think one BTS hardware can cover few cells and also some cells could be covered by more than one BTS, isn't it?
Is part of information, that mobile receives from GSM network identification of concrete BTS or mobile phone knows only cell-id?
Is part of information, that mobile receives from GSM network identification of BSC?
Ad 1: Typically one BTS can handle several cells. Common patterns are one BTS covering a circular area with one round-radiating antenna or a three-sector BTS which covers three cells with sector-radiating antennas. One cell can only be handled by one BTS at a time. Two or more BTSes are not possible since the radio communication would interfere with each other. Note that this is completely different in WCDMA/UMTS since there is no concept of cells.
Ad 2: Since one cell is covered by exactly one BTS, the cell id uniquely identifies the concrete BTS.
Ad 3: Since the BTS does not contain any control logic, the mobile communicates directly with the BSC, e.g. about radio resources.
Edit after comment:
1/ The BTS is "dumb" to say it simply. It does only what the BSC instructs it to do. E.g. The BSC tells the BTS as well as the mobile which frequencies to use for the radio communication. A BTS does not route traffic as it is hooked to exactly one BSC. It even does not route traffic to one of several mobiles attached to the BTS as this is done by the BSC. Think of the BTS as a Um-to-Abis physical layer and protocol transcoder.
2/ Actually my earlier statement that UMTS has no cell concept is not exactly true, it's just different.
GSM is FTDMA (frequency and time division multiple access). The radio channel is shared by using different frequencies (per cell) and timeslots (per mobile). Since radio frequency is used to distinguish participants, great care must be taken that not two GSM participants use the same frequency at the same time at the same location. The solution to this is cells, where geographic areas have different frequencies assigned. Network planning must ensure that no two neighbouring cells use the same frequencies as this may lead to interference since you cannot control exactly the size of a cell (e.g. due to absorption and reflection). In GSM, a BTS has a fixed number of radio transmission channels, the number depends on the BTS hardware configuration. If all channels are in use, the cell is full, this is independent of the location of a mobile in the cell.
UMTS is CDMA (code division multiple access). The radio channel is shared by encoding the payload in a way that allows to decode it later even if several senders use the same frequency range. That requires coding schemes which are collision free (all codes are different from each other to avoid senders using too similar codes) and a great deal of signal processing. As an analogy: at a party you can understand someone across the room, even if ten people are talking. The more senders communicate within the cell, the smaller the cell gets in order to allow the BTS/Node-B distinguishing between senders. Therefore, in UMTS a cell size is not geographically fixed. The cell "breathes" depending on its load.
OK, this thread is quite old, but requires some further clarifications for next generations.
When talking about GSM physical network architecture, the term BTS (Base Transceiver System) refers to the physical site itself - the 'small house with the tower' (although modern small BTSs are just boxes hung on walls or placed on roof tops).
Each such physical site can host one omni-directional cell, or several sector cells.
In GSM logical network architecture, there is some confusion.
The terms 'Cell' and 'Base Station' actually refer to the same physical entity (a set of transceiver units, each used to receive and transmit one of the paired UL/DL carrier frequencies allocated in the BA frequency set). Let's call this entity 'physical cell' just for clarification.
The term Base Station is used for radio resource management. A BSIC (BS Id Code, or BTS Id Code) is allocated for the 'physical cell' and is used in the radio-related conversations between the MS (Mobile Station) and the BSS (BTS and BSC), e.g. for measurement reports.
The BSIC is composed of 'local' parameters - Network Color Code (NCC) and BS Color Code (BCC), and is therefore unknown outside the network.
This is where the term Cell comes in:
The term Cell is used for Mobility Management. A Cell Identity (CI) is defined as a refinement of the Routing Area - one RA will include several cells in it.
The Global Cell Identifier (GCI) is composed of network, RA and CI, and is used for handovers inside and outside the network.
It is up to the BSC to convert the BSIC to the Cell Identity (the BSC may convert the BSIC directly to GCI, or the BSC converts to CI, and the MSC will convert it to GCI).
Hope that helps a bit.
BTS means different things in different places!
MS, BTS, BSC: when these words appear together, BTS means something between your phone and the MSC.
Sometimes we call a site (a small house and a tower) a BTS.
In NOKIA GSM equipment, a cell is called a segment. Every cell has at least one BTS, and different BTSs have different functions, e.g. BTS1 provides voice service, BTS2 provides EDGE service.
The phone gets BCCH (freq)/NCC/BCC to identify different cells. It decodes the information from BCCH to get CI, LAC, etc.
